<?php
/******************************
 * EQdkp
 * Copyright 2002-2003
 * Licensed under the GNU GPL.  See COPYING for full terms.
 * ------------------
 * addevent.php
 * Began: Mon December 30 2002
 * 
 * $Id: addevent.php 541 2008-05-20 06:56:16Z rspeicher $
 * 
 ******************************/
 
define('EQDKP_INC', true);
define('IN_ADMIN', true);
$eqdkp_root_path = './../';
include_once($eqdkp_root_path . 'common.php');

$fv = new Form_Validate;

// Obtain var settings
$event_id = ( !empty($_REQUEST[URI_EVENT]) ) ? intval($_REQUEST[URI_EVENT]) : '';
$confirm = ( !empty($_POST['confirm']) ) ? true : false;

// Start session management
$user->start();
$user->setup();

// Delete confirmation
// If they didn't confirm, redirect them to the last page they were on
if ( isset($_POST['cancel']) )
{
    if ( $event_id )
    {
        $redirect = 'addevent.php'.$SID.'&' . URI_EVENT . '='.$event_id;
    }
    else
    {
        $redirect = 'addevent.php'.$SID;
    }
    
    redirect($redirect);
}

// Figure out what submit button was pressed
$add    = ( isset($_POST['add']) ) ? true : false;
$update = ( isset($_POST['update']) ) ? true : false;
$delete = ( isset($_POST['delete']) ) ? true : false;

// Figure out action based on submit
if ( $add )
{
    $user->check_auth('a_event_add');
    $action = 'add';
}
elseif ( $update )
{
    $user->check_auth('a_event_upd');
    $action = 'update';
}
elseif ( ($delete) || ($confirm) )
{
    $user->check_auth('a_event_del');
    $action = 'delete';
}
else
{
    $user->check_auth('a_event_');
    $action = 'display';
}

//
// Error Checking and variable initialization
//
if ( ($add) || ($update) || ($delete) )
{
    $_POST = htmlspecialchars_array($_POST);
    
    $event_added_by = $user->data['username'];
    $event_updated_by = $user->data['username'];
    
    $fv->is_number('event_value', $user->lang['fv_number_value']);
    $fv->is_filled(array(
        'event_name' => $user->lang['fv_required_name'],
        'event_value' => $user->lang['fv_required_value'])
    );
    
    // If there's errors, negate the whole thing since we'll need to re-display the form
    if ( $fv->is_error() )
    {
        $action = 'display';
    }
}

//
// Get relevant data
//
if ( $event_id )
{
    $sql = 'SELECT event_name, event_value
            FROM ' . EVENTS_TABLE . "
            WHERE event_id='".$event_id."'";
    $result = $db->query($sql);
    if ( !$row = $db->fetch_record($result) )
    {
        message_die($user->lang['error_invalid_event_provided']);
    }
    $db->free_result($result);
    
    $event = array(
        'event_name' => post_or_db('event_name', true, $row),
        'event_value' => post_or_db('event_value', true, $row)
    );
}
else
{
    $event = array(
        'event_name' => post_or_db('event_name', false),
        'event_value' => post_or_db('event_value', false)
    );
}

//
// Processing
//
switch ( $action )
{
    //
    // Add
    //
    case 'add':
        $sql = 'INSERT INTO ' . EVENTS_TABLE . "
                (event_id, event_name, event_value, event_added_by)
                VALUES ('NULL','".$_POST['event_name']."','".$_POST['event_value']."','".$event_added_by."')";
        if ( !($db->query($sql)) )
        {
            message_die('Could not insert event data');
        }
        
        // Logging
        $this_event_id = $db->insert_id();
        
        $log_action = array(
            'header' => '{L_ACTION_EVENT_ADDED}',
            'id' => $this_event_id,
            '{L_NAME}' => $_POST['event_name'],
            '{L_VALUE}' => $_POST['event_value'],
            '{L_ADDED_BY}' => $event_added_by);
        $eqdkp->log_insert(array(
            'log_type' => $log_action['header'],
            'log_action' => $eqdkp->make_log_action($log_action),
            'log_ipaddress' => $user->ip,
            'log_sid' => $user->session_id,
            'log_result' => '{L_SUCCESS}',
            'admin_id' => $user->data['user_id'])
        );
        
        $success_message = sprintf($user->lang['admin_add_event_success'], $_POST['event_value'], $_POST['event_name']);
        
        $link_list = generate_admin_success_links(array(
            $user->lang['list_events'] => 'listevents.php'.$SID,
            $user->lang['add_event'] => 'addevent.php'.$SID,
            $user->lang['add_raid'] => 'addraid.php'.$SID)
        );
        
        message_die(stripslashes($success_message) . '<br /><br />' . $link_list);
        
        break;
    //
    // Update
    //
    case 'update':
        // Get the 'old' data so we can see what's been changed
        $sql = 'SELECT event_name, event_value
                FROM ' . EVENTS_TABLE . "
                WHERE event_id='".$event_id."'";
        $result = $db->query($sql);
        while ( $row = $db->fetch_record($result) )
        {
            $old_event = array(
                'event_name' => addslashes($row['event_name']),
                'event_value' => addslashes($row['event_value'])
            );
        }
        $db->free_result($result);
        
        $sql = 'UPDATE ' . EVENTS_TABLE . "
                SET event_name='".$_POST['event_name']."', event_value='".$_POST['event_value']."'
                WHERE event_id='".$event_id."'";
        if ( !$db->query($sql) )
        {
            message_die('Could not update event data');
        }
        
        // Find all the raids with the old name and rename them to the new one
        if ( $old_event['event_name'] != $_POST['event_name'] )
        {
            $sql = 'UPDATE ' . RAIDS_TABLE . "
                    SET raid_name='".$_POST['event_name']."'
                    WHERE raid_name='".$old_event['event_name']."'";
            $db->query($sql);
        }
        
        // Logging
        $log_action = array(
            'header' => '{L_ACTION_EVENT_UPDATED}',
            'id' => $event_id,
            '{L_NAME_BEFORE}' => $old_event['event_name'],
            '{L_VALUE_BEFORE}' => $old_event['event_value'],
            '{L_NAME_AFTER}' => find_difference($old_event['event_name'], $_POST['event_name']),
            '{L_VALUE_AFTER}' => find_difference($old_event['event_value'], $_POST['event_value']),
            '{L_UPDATED_BY}' => $event_updated_by);
        $eqdkp->log_insert(array(
            'log_type' => $log_action['header'],
            'log_action' => $eqdkp->make_log_action($log_action),
            'log_ipaddress' => $user->ip,
            'log_sid' => $user->session_id,
            'log_result' => '{L_SUCCESS}',
            'admin_id' => $user->data['user_id'])
        );
        
        $success_message = sprintf($user->lang['admin_update_event_success'], stripslashes($_POST['event_value']), stripslashes($_POST['event_name']));
        
        $link_list = generate_admin_success_links(array(
            $user->lang['list_events'] => 'listevents.php'.$SID,
            $user->lang['add_event'] => 'addevent.php'.$SID,
            $user->lang['add_raid'] => 'addraid.php'.$SID)
        );
        
        message_die(stripslashes($success_message) . '<br /><br />' . $link_list);
        
        break;
    //
    // Delete
    //
    case 'delete':
        if ( !$confirm )
        {
            confirm_delete($user->lang['confirm_delete_event'], URI_EVENT, $event_id, 'addevent.php'.$SID);
        }
        else
        {
            // Get the 'old' data so we can see what's been changed
            $sql = 'SELECT event_name, event_value
                    FROM ' . EVENTS_TABLE . "
                    WHERE event_id='".$event_id."'";
            $result = $db->query($sql);
            while ( $row = $db->fetch_record($result) )
            {
                $old_event = array(
                    'event_name' => addslashes($row['event_name']),
                    'event_value' => addslashes($row['event_value'])
                );
            }
            $db->free_result($result);
            
            $sql = 'DELETE FROM ' . EVENTS_TABLE . "
                    WHERE event_id='".$event_id."'";
            $db->query($sql);
            
            // Logging
            $log_action = array(
                'header' => '{L_ACTION_EVENT_DELETED}',
                'id' => $event_id,
                '{L_NAME}' => $old_event['event_name'],
                '{L_VALUE}' => $old_event['event_value']);
            $eqdkp->log_insert(array(
                'log_type' => $log_action['header'],
                'log_action' => $eqdkp->make_log_action($log_action),
                'log_ipaddress' => $user->ip,
                'log_sid' => $user->session_id,
                'log_result' => '{L_SUCCESS}',
                'admin_id' => $user->data['user_id'])
            );
        } // confirmed
        break;
    //
    // Display form
    //
    case 'display':
        $tpl->assign_vars(array(
            'F_ADD_EVENT' => 'addevent.php'.$SID,
            'EVENT_ID' => $event_id,
            
            'EVENT_NAME' => stripslashes($event['event_name']),
            'EVENT_VALUE' => stripslashes($event['event_value']),
            
            'L_ADD_EVENT_TITLE' => $user->lang['addevent_title'],
            'L_NAME' => $user->lang['name'],
            'L_DKP_VALUE' => sprintf($user->lang['dkp_value'], $eqdkp->config['dkp_name']),
            'L_ADD_EVENT' => $user->lang['add_event'],
            'L_RESET' => $user->lang['reset'],
            'L_UPDATE_EVENT' => $user->lang['update_event'],
            'L_DELETE_EVENT' => $user->lang['delete_event'],
            
            'FV_NAME' => $fv->generate_error('event_name'),
            'FV_VALUE' => $fv->generate_error('event_value'),
            
            'MSG_NAME_EMPTY' => $user->lang['fv_required_name'],
            'MSG_VALUE_EMPTY' => $user->lang['fv_required_value'],
            
            'S_ADD' => ( !$event_id ) ? true : false)
        );
        
        $page_title = sprintf($user->lang['admin_title_prefix'], $eqdkp->config['guildtag'], $eqdkp->config['dkp_name']).': '.$user->lang['addevent_title'];
        include_once($eqdkp_root_path . 'includes/page_header.php');
        
        $tpl->set_filenames(array(
            'body' => 'admin/addevent.html')
        );
        
        include_once($eqdkp_root_path . 'includes/page_tail.php');
        break;
} // Processing
?>